A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. The term hacker may refer to anyone with technical skills, but it often refers to a person who uses his or her abilities to gain unauthorized access to systems or networks in order to commit crimes. A hacker may, for example, steal information to hurt people via identity theft, damage or bring down systems and, often, hold those systems hostage to collect ransom.

Download this free guide

Your Guide to Info Sec Certifications

We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

The term hacker has historically been a divisive one, sometimes being used as a term of admiration for an individual who exhibits a high degree of skill, as well as creativity in his or her approach to technical problems. However, the term is more commonly applied to an individual who uses this skill for illegal or unethical purposes.

Types of hackers

The security community has informally used references to hat color as a way different types of hacker are identified, usually divided into three types: white hat, black hat and gray hat.

White hat hackers, also known as ethical hackers, strive to operate in the public's best interest, rather than to create turmoil. Many white hat hackers work doing penetration testing, hired to attempt to break into the company's networks to find and report on security vulnerabilities. The security firms then help their customers mitigate security issues before criminal hackers can exploit them.

Black hat hackers intentionally gain unauthorized access to networks and systems with malicious intent, whether to steal data, spread malware or profit from ransomware, vandalize or otherwise damage systems or for any other reason -- including gaining notoriety. Black hat hackers are criminals by definition because they violate laws against accessing systems without authorization, but they may also engage in other illegal activity, including identity theft and distributed denial-of-service attacks.

Gray hat hackers fall somewhere between white hat hackers and black hat hackers. While their motives may be similar to those of white hat hackers, gray hats are more likely than white hat hackers to access systems without authorization; at the same time, they are more likely than black hat hackers to avoid doing unnecessary damage to the systems they hack. Although they aren't typically -- or only -- motivated by money, gray hat hackers may offer to fix vulnerabilities they have discovered through their own, unauthorized, activities rather than using their knowledge to exploit vulnerabilities for illegal profit.

A black hat hacker accesses systems without authorization and steals or damages data

Hackers of all types participate in forums to exchange hacking information and tradecraft. There are a number of hacker forums where white hat hackers can discuss or ask questions about hacking. Other white hat forums offer technical guides with step-by-step instructions on hacking.

Forums and marketplaces serving black hat hackers are often hosted on the dark web, and offer black hat hackers with an outlet for offering, trading and soliciting illegal hacking services.

Criminal hackers, who sometimes lack their own technical skills, often use scripts and other specifically designed software programs to break into corporate networks. This software may manipulate network data network connection to gather intelligence about the workings of the target system.

These scripts can be found posted on the internet for anyone, usually entry-level hackers, to use. Hackers with limited skills are sometimes called script kiddies, referring to their need to use malicious scripts and their inability to create their own code. Advanced hackers might study these scripts and then modify them to develop new methods.

Hacker vs. cracker

The term hacker was first used in the 1960s to describe a programmer or an individual who, in an era of highly constrained computer capabilities, could increase the efficiency of computer code in a way that removed, or "hacked," excess machine-code instructions from a program. It has evolved over the years to refer to a person with an advanced understanding of computers, networking, programming or hardware.

For many in technology, the term hacker is best applied to those who use their skills without malicious intent, but over time the term has been applied to people who use their skills maliciously. To counter the trend of labeling skillful technologists as criminals, the term cracker was proposed for criminal hackers, with the intention of removing the stigma from being labeled a hacker.

Within the hacker-cracker framework, hackers are those who seek to identify flaws in security systems and work to improve them, including security experts tasked with locating and identifying flaws in systems and fixing those vulnerabilities. Crackers, on the other hand, are intent on breaching computer and network security to exploit those same flaws for their own gain.

While technologists have promoted use of the term cracker over the years, the distinction between differently motivated hackers is more commonly referenced by the use of white hat, gray hat or black hat. In general use, cracker hasn't found much traction.

Famous hackers

While many famous technologists have been considered hackers, including Donald Knuth, Ken Thompson, Vinton Cerf, Steve Jobs and Bill Gates, black hat hackers are more likely to gain notoriety as hackers in mainstream accounts. Gates was also caught breaking into corporate systems as a teenager before founding Microsoft.

Some notorious black hat hackers include:

Anonymous is a group of hackers from around the world who meet on online message boards and social networking forums. They mainly focus their efforts on encouraging civil disobedience and/or unrest via denial-of-service attacks, publishing victims' personal information online, as well as defacing and defaming websites.

Jonathan James gained notoriety for hacking into multiple websites, including those of the U.S. Department of Defense and NASA, as well as for stealing software code when he was a teenager. In 2000, James became the first juvenile -- he was just 16 years old -- to be incarcerated for computer hacking. He committed suicide in 2008 when he was 25 years old.

Adrian Lamo hacked into the systems of several organizations, including The New York Times, Microsoft and Yahoo to exploit their security flaws. Lamo was arrested in 2003, convicted in 2004 and sentenced to six months of home detention at his parents' home, two years' probation and ordered to pay about $65,000 in restitution.

Kevin Mitnick was convicted of a number of criminal computer crimes after evading authorities for two and a half years. Once one of the FBI's Most Wanted for hacking into networks of 40 high-profile corporations, Mitnick was arrested in 1993 and served five years in a federal prison. After his release, Mitnick founded a cybersecurity firm to help organizations keep their networks safe.

7 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Iindividual to use a computer to get unauthorised access to data illegally gains access to and sometimes tampers with information in a computer system gains remote access to a protected computer system breaks hacks a password code

I think we saw hackers as romantic, gentlemen thieves for a time. That was before our data and lives were impacted. Now I think the term has less positive and more negative. Which is sad. I think it's a skill (one I don't have) that can be used to great benefit by companies and organizations. Especially to secure otherwise open networks and available data. Hail the hackers!

Hackers are in the news a lot more today. It may be because they are stealing peoples identities more now than years ago. Back then it was to poke around in a companies business or steal from them. Today ID's are a hot commodity on the black market. I still would say a hacker is someone who gains unauthorized access to a computer system. Referring to them as a "clever programmer" is a scary thought. Would you hire a "clever programmer" not knowing they were just hacking skills and not a true application developer?

So many more people are willing to share info it makes it easier for a hacker to crack a password. A little surfing someones social media presence and you could probably figure out their passwords. Either ethical or not, I do not know if a key-logger would be considered hacking. That does not take any real skill for the hardware type of key-loggers. Those would be the ones I worry about most in a corporate environment. Hoe secure are your offices? Could someone pose as a member of the cleaning crew and attach one the the VP / CIO / CFO or event presidents computer off hours ??